PracticeDev/study_clang/Mimic/nos_monitor/monitsys.c

1363 lines
48 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#include "monitsys.h"
//stLogMsg *syslogreport,commendlog;
float cal_cpuoccupy(CPU_OCCUPY *o,CPU_OCCUPY *n)
{
unsigned long od,nd;
unsigned long id,sd;
float cpu_use = 0;
od = (unsigned long)(o->user + o->nice + o->system + o->idle);
nd = (unsigned long)(n->user + n->nice + n->system + n->idle);
id = (unsigned long)(n->nice - o->nice);
sd = (unsigned long)(n->idle - o->idle);
if((nd-od) != 0)
cpu_use = (float)(((nd-od)-sd))*100/(nd-od);
else
cpu_use = 0;
return cpu_use;
}
int judgeiflogin()
{
FILE *fd = NULL;
char buff[180],*num=NULL, *cmd=NULL,*cur,bu[180];
int i = 0,le = 0,newnum = 0, devalue = 0, t = 0, len = 0;
// system("who /var/log/wtmp | wc -l > /home/czl/tengswitch/login.txt");
// fd = fopen("/home/czl/tengswitch/login.txt","r");
if(NULL==(fd = popen(" who /var/log/wtmp | wc -l ","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
// fd = popen("history | tail -n 6","r");
fgets(buff,sizeof(buff),fd);
// printf("string in buff is:%s\n", buff);
// sscanf(buff,"%s %s",bu,&commendlog->szMsg[0][0]);
// printf("newnum in bu is :%s\n", bu);
newnum = atoi(buff);
printf("newnum in bu is :%d\n", newnum);
fclose(fd);
return newnum;
}
// stLogMsg *judgelogin()
/*
void judgelogin()
{
FILE *fd;
memset(&commendlog,0,sizeof(stLogMsg));
// stLogMsg commendlog ;
// commendlog = (stLogMsg*)malloc(sizeof(stLogMsg));
// memset(commendlog,0, sizeof(stLogMsg));
commendlog.uiType = 5;
stpcpy(commendlog.szIp,"172.171.17.213");
gettimeofday(&commendlog.stRcvTime,NULL);
stpcpy(commendlog.szLogFile,"/log/wtmp");
char buff[180],*num=NULL, *cmd=NULL,*cur,bu[180];
int i = 0,le = 0,newnum = 0, devalue = 0, t = 0, len = 0;
// system("who /var/log/wtmp | wc -l > /home/czl/tengswitch/login.txt");
fd = fopen("/home/czl/tengswitch/login.txt","r");
// fd = popen("history | tail -n 6","r");
// fgets(buff,sizeof(buff),fd);
// printf("string in buff is:%s\n", buff);
// sscanf(buff,"%s %s",bu,&commendlog->szMsg[0][0]);
// printf("newnum in bu is :%s\n", bu);
// newnum = atoi(buff);
devalue = newloginnum - lastloginnum;
if (devalue > 5 || devalue < 0)
{
printf("devalue in loop1 is :%d\n", devalue);
//sprintf(cmd,"who /var/log/wtmp |",);
system("who /var/log/wtmp | tail -n 6 > /home/czl/tengswitch/login.txt");
fgets(buff,sizeof(buff),fd);
for(le=0;le < 5; le++)
{
buff[180] = '0';
// sscanf(buff,"%s",&commendlog->szMsg[0][le]);
fgets(buff,sizeof(buff),fd);
memcpy(&commendlog.szMsg[le],buff,strlen(buff));
//printf("size of buff is %d \n",sizeof(buff));
//printf("strlen of buff is %d \n",strlen(buff));
printf("log in 1struct is %s",&commendlog.szMsg[le]);
}
printf("have come here \n");
}
else if (devalue <= 5 || devalue > 0)
{
sprintf(bu,"who /var/log/wtmp | tail -n %d > /home/czl/tengswitch/login.txt",devalue+1);
//printf("bu is :%s\n", bu);
printf("devalue in loop2 is :%d\n", devalue);
// cmd =&bu[0];
//memcpy(cmd,bu,strlen(bu));
//printf("cmd is :%d\n", cmd);
system(bu);
fgets(buff,sizeof(buff),fd);
for(le=0; le < devalue; le++)
{
buff[180] = '0';
fgets(buff,sizeof(buff),fd);
memcpy(&commendlog.szMsg[le],buff,strlen(buff));
printf("log in 2 struct is %s \n",&commendlog.szMsg[le]);
}
}
// printf("newnum is :%d\n", newnum);
// return &commendlog;
fclose(fd);
// printf("end of loop\n");
// lastlognum = newnum;
}
*/
stLogMsg judgelogin(char *ip)
{
stLogMsg getlogin;
// getlogin = (stLogMsg*)malloc(sizeof(stLogMsg));
FILE *fd;
// memset(&commendlog,0,sizeof(stLogMsg));
memset(&getlogin,0,sizeof(stLogMsg));
// stLogMsg commendlog ;
// commendlog = (stLogMsg*)malloc(sizeof(stLogMsg));
// memset(commendlog,0, sizeof(stLogMsg));
getlogin.uiType = 5;
stpcpy(getlogin.szIp,ip);
gettimeofday(&getlogin.stRcvTime,NULL);
stpcpy(getlogin.szLogFile,"login");
char buff[180],*num=NULL, *cmd=NULL,*cur,bu[180];
int i = 0,le = 0,newnum = 0, devalue = 0, t = 0, len = 0;
system("who /var/log/wtmp | wc -l > /root/monitor/login.txt");
fd = fopen("/root/monitor/login.txt","r");
// fd = popen("history | tail -n 6","r");
// fgets(buff,sizeof(buff),fd);
// printf("string in buff is:%s\n", buff);
// sscanf(buff,"%s %s",bu,&commendlog->szMsg[0][0]);
// printf("newnum in bu is :%s\n", bu);
// newnum = atoi(buff);
devalue = newloginnum - lastloginnum;
if (devalue > 5 || devalue < 0)
{
printf("devalue in loop1 is :%d\n", devalue);
//sprintf(cmd,"who /var/log/wtmp |",);
system("who /var/log/wtmp | tail -n 6 > /root/monitor/login.txt");
fgets(buff,sizeof(buff),fd);
for(le=0;le < 5; le++)
{
buff[180] = '0';
// sscanf(buff,"%s",&commendlog->szMsg[0][le]);
fgets(buff,sizeof(buff),fd);
memset(&getlogin.szMsg[le],0,sizeof(getlogin.szMsg[le]));
memcpy(&getlogin.szMsg[le],buff,strlen(buff));
//printf("size of buff is %d \n",sizeof(buff));
//printf("strlen of buff is %d \n",strlen(buff));
//printf("log in 1struct is %s",&getlogin->szMsg[le]);
}
//printf("have come here \n");
}
else if (devalue <= 5 || devalue > 0)
{
memset(&getlogin.szMsg[0],0,5*sizeof(getlogin.szMsg[le]));
sprintf(bu,"who /var/log/wtmp | tail -n %d > /root/monitor/login.txt",devalue+1);
//printf("bu is :%s\n", bu);
printf("devalue in loop2 is :%d\n", devalue);
// cmd =&bu[0];
//memcpy(cmd,bu,strlen(bu));
//printf("cmd is :%d\n", cmd);
system(bu);
fgets(buff,sizeof(buff),fd);
for(le=0; le < devalue; le++)
{
buff[180] = '0';
fgets(buff,sizeof(buff),fd);
memset(&getlogin.szMsg[le],0,sizeof(getlogin.szMsg[le]));
memcpy(&getlogin.szMsg[le],buff,strlen(buff));
//printf("log in 2 struct is %s \n",&getlogin->szMsg[le]);
}
}
// printf("newnum is :%d\n", newnum);
// printf("msg login in function type is %d\nip is %s\nfilename is %s\n ",getlogin->uiType,getlogin->szIp,getlogin->szLogFile);
// printf("szMsg0 is %s\n",getlogin->szMsg[0]);
// printf("szMsg1 is %s\n",getlogin->szMsg[1]);
// printf("szMsg2 is %s\n",getlogin->szMsg[2]);
// printf("szMsg3 is %s\n",getlogin->szMsg[3]);
// printf("szMsg4 is %s\n",getlogin->szMsg[4]);
fclose(fd);
return getlogin;
// lastlognum = newnum;
}
/*
void judgecommend()
{
stLogMsg *commendlog = NULL;//, *pst=NULL;
FILE *fd;
char buff[180],*num, *cmd,*cur,bu[180];
int i = 0,le = 0,newnum = 0, devalue = 0, t = 0, len = 0;
const char s[2] = " ";
commendlog = (stLogMsg*)malloc(sizeof(stLogMsg));
memset(commendlog,0, sizeof(stLogMsg));
//system("history | tail -n 6 > /home/czl/tengswitch/history.txt");
system("who /var/log/wtmp > /home/czl/tengswitch/history.txt");
while(1)
{
}
fd = fopen("/home/czl/tengswitch/history.txt","r");
// fd = popen("history | tail -n 6","r");
fgets(buff,sizeof(buff),fd);
printf("string in buff is:%s\n", buff);
sscanf(buff,"%s %s",bu,&commendlog->szMsg[0][0]);
// printf("newnum in bu is :%s\n", bu);
newnum = atoi(bu);
devalue = newnum - lastnum;
printf("devalue before loop is %d\n",devalue);
printf("begin to loop\n");
for(le = 0; le < 5; le++)
{
memset(commendlog,0, sizeof(stLogMsg));
buff[180] = '0';
fgets(buff,sizeof(buff),fd);
if(le < 5-devalue )
continue;
printf("%s\n", buff);
cur = &buff[0];
for(i=0;i<10;i++)
{
// printf("%d\n", i);
if (*cur == ' ')
t++;
if (t == 2)
num = ++cur;
if (t == 4)
{
cmd = ++cur;
break;
}
cur++;
}
// printf("%s\n", num);
printf("%s\n", cmd);
len =strlen(cmd);
memcpy(&commendlog->szMsg[0][le],cmd,len);
printf("string in struct is %s\n", &commendlog->szMsg[0][le]);
// printf("4%c\n", buff[3]);
// printf("5%c\n", buff[4]);
// printf("6%c\n", buff[5]);
// printf("7%c\n", buff[6]);
// printf("8%c\n", buff[7]);
// printf("9%c\n", buff[8]);
// num = strtok(buff,s);
//printf( "%s\n",num);
//cmd = strtok(NULL,s);
// strcpy(bu, strtok(NULL, " "));
// printf("%s\n", num);
//sscanf(buff,"%s %s",num, commendlog->szMsg[0][0]);
// pis =&commendlog[0];
// commendlog->uiType = 1;
// printf("%s %s\n", num , commendlog->szMsg[0][0]);
// printf("%d \n", commendlog->uiType);
}
fclose(fd);
printf("end of loop\n");
lastnum = newnum;
}
*/
void getPidByName(pid_t *pid, char *task_name)
{
DIR *dir;
struct dirent *ptr;
FILE *fp;
char filepath[50];
char cur_task_name[50];
char buf[BUF_SIZE];
dir = opendir("/proc");
if (NULL != dir)
{
while ((ptr = readdir(dir)) != NULL) //循环读取/proc下的每一个文件/文件夹
{
//如果读取到的是"."或者".."则跳过,读取到的不是文件夹名字也跳过
if ((strcmp(ptr->d_name, ".") == 0) || (strcmp(ptr->d_name, "..") == 0))
continue;
if (DT_DIR != ptr->d_type)
continue;
sprintf(filepath, "/proc/%s/status", ptr->d_name);//生成要读取的文件的路径
fp = fopen(filepath, "r");
if (NULL != fp)
{
if( fgets(buf, BUF_SIZE-1, fp)== NULL )
{
fclose(fp);
continue;
}
sscanf(buf, "%*s %s", cur_task_name); //如果文件内容满足要求则打印路径的名字即进程的PID
if (!strcmp(task_name, cur_task_name))
{
sscanf(ptr->d_name, "%d", pid);
}
fclose(fp);
}
}
closedir(dir);
}
}
void get_cpuoccupy(CPU_OCCUPY *cpust)
{
FILE *fd;
int n;
char buff[256];
CPU_OCCUPY *cpu_occupy;
cpu_occupy = cpust;
fd = fopen("/proc/stat","r");
fgets(buff,sizeof(buff),fd);
sscanf(buff,"%s %u %u %u %u",cpu_occupy->name,&cpu_occupy->user,&cpu_occupy->nice,&cpu_occupy->system,&cpu_occupy->idle);
// printf("%s %u %u %u %u\n",cpu_occupy->name,cpu_occupy->user,cpu_occupy->nice,cpu_occupy->system,cpu_occupy->idle);
fclose(fd);
}
int firewallcharge()
{
FILE *fd;
int n;
char buff[16];
char buff1[16];
// char buff2[16];
char buff2[16] = "active";
// system("systemctl status firewalld.service | grep Active > /home/czl/tengswitch/firewall.txt");
// system("chmod 777 firewall.txt");
//fd = fopen("/home/czl/tengswitch/firewall.txt","r");
// changed 20200813
if(NULL==(fd = popen("systemctl status firewalld.service | grep Active","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
//fgets(buff,sizeof(buff),fd);
fscanf(fd,"%s %s",buff,buff1);
// printf("%s %s\n",buff,buff1);
n = strcmp(buff1,buff2);
fclose(fd);
if( n == 0 )
{
//printf("firewall enable\n");
return 0;
}
else
{
//printf("firewall disable\n");
return 1;
}
}
unsigned int processnum()
{
FILE *fd,*fd1;
unsigned int pronum;
char buff[16];
char buff1[16];
// system("ps -auxw | wc -l >/home/czl/tengswitch/process_num.txt");
//system("chmod 777 /home/czl/tengswitch/process_num.txt");
//fd = fopen("/home/czl/tengswitch/process_num.txt","r");
if(NULL==(fd = popen("ps -auxw | wc -l","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
if(fd == NULL)
{
printf("<p>open file:process_num.txt error</p>");
exit(0);
}
///fgets(buff,sizeof(buff),fd);
fscanf(fd,"%s",buff);
pronum = atoi(buff);
fclose(fd);
return pronum;
}
unsigned int uiCronNum()
{
FILE *fd = NULL,*fp = NULL;
unsigned int cronum = 0;
char buff[128]="\0";
char buff1[]="no";
system("crontab -l > /root/monitor/cron.txt 2>&1");
system("chmod 777 /root/monitor/cron.txt");
fd = fopen("/root/monitor/cron.txt","r");
while(NULL != fgets(buff,sizeof(buff),fd))
{
cronum++;
continue;
}
if(cronum == 1)
{
fscanf(fd, "%s",buff);
buff[2]='\0';
if(strcmp(buff,buff1)==0)
{
printf("there is no date\n");
cronum = 0;
}
else
{
cronum = 1;
printf("there is date\n");
}
}
fclose(fd);
printf("num of crontask is %d\n",cronum);
return cronum;
}
unsigned int processnum_tcp()
{
FILE *fd,*fd1;
unsigned int pronum,tcpnum;
char buff[16];
char buff1[16];
//netstat -an |grep 'ESTABLISHED' |grep 'tcp' |wc -l
// system("netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' > /home/czl/tengswitch/processtcp.txt");
// system("chmod 777 /home/czl/tengswitch/processtcp.txt");
// fd = fopen("/home/czl/tengswitch/processtcp.txt","r");
if(NULL==(fd = popen(" netstat -an |grep 'ESTABLISHED' |grep 'tcp' |wc -l ","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
fscanf(fd,"%s %s",buff,buff1);
tcpnum = atoi(buff1);
// printf("%d\n",tcpnum);
fclose(fd);
return tcpnum;
}
double get_memoccupy()
{
double memory_have = 0;
//system("free -m | grep Mem > memory.txt");
//system("chmod 777 memory.txt");
FILE * fp = NULL;
//fp = fopen ("memory.txt", "r");
if(NULL==(fp = popen("free -m | grep Mem","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
//if(fp == NULL)
//{
// printf("<p>open file:memory.txt error</p>");
// return 0;
//}
char s1[20] = {0};
unsigned int total = 0;
unsigned int used = 0;
fscanf(fp, "%s %d %d", s1, &total, &used);
//printf("name: %s\n total:%d\n used:%d\n",s1,total,used);
fclose(fp);
fp = NULL;
memory_have = ((100 * used) / total);
return memory_have;
}
int get_md5passwd(char* md5sum)
{
char md5num[128] = {0};
char filename[128] = {0};
int n;
// system("md5sum /etc/passwd > passwd.txt");
// system("chmod 777 passwd.txt");
FILE * fp = NULL;
// fp = fopen ("passwd.txt", "r");
// if(fp == NULL)
// {
// printf("<p>open file:passwd.txt error</p>");
// return 0;
// }
if(NULL==(fp = popen("md5sum /etc/passwd","r")))
{
fprintf(stdout,"execute command failed: ");
return -1;
}
//fscanf(fp, "%s %s", md5sum, filename);
fread(md5num,1,sizeof(md5num),fp);
sscanf(md5num, "%s %s", md5sum, filename);
//printf("passwd md5num in function is: %s\n",md5num);
fclose(fp);
//md5num[32]='\0';
//n = strlen(md5num);
// printf("len of passwd is %d\n",n);
//fp = NULL;
return 0;
}
int get_md5group(char* md5group)
{
char m_md5group[128] = {0};
char m_filename[128] = {0};
int n;
// system("md5sum /etc/passwd > passwd.txt");
// system("chmod 777 passwd.txt");
FILE * fp = NULL;
// fp = fopen ("passwd.txt", "r");
// if(fp == NULL)
// {
// printf("<p>open file:passwd.txt error</p>");
// return 0;
// }
if(NULL==(fp = popen("md5sum /etc/group","r")))
{
fprintf(stdout,"execute command failed: ");
return -1;
}
//fscanf(fp, "%s %s", md5group, filename);
fread(m_md5group,1,sizeof(m_md5group),fp);
sscanf(m_md5group, "%s %s", md5group, m_filename);
//printf("passwd md5Group in function is: %s\n",md5group);
fclose(fp);
//md5num[32]='\0';
//n = strlen(md5num);
// printf("len of passwd is %d\n",n);
//fp = NULL;
return 0;
}
FILE *getshellvalue(char *pcmd)
{
FILE * fstream = NULL;
if(NULL == (fstream = popen(pcmd,"r")))
{
fprintf(stdout,"execute command failed: ");
return NULL;
}
//pcmd = "ls -trl | awk '{print $9}'";
return fstream;
}
void *get_historycmd(void *arg)
{
int fd,wd,len,nread,i;
char buf[BUFSIZ];
struct inotify_event *event;
stLogMsg stlogmsg;
FILE * fnsteam = NULL;
const char *ip = "10.10.10.201";
int port = 7002;
char *pcip;
pcip = (char *)arg;
void * ctx = zmq_ctx_new();
fb_assert(ctx, "create zmq context faild");
void *sock = zmq_socket(ctx, ZMQ_REQ);
fb_assert(sock, "create zmq socket faild");
char szaddr[128] = {0};
char cmdbuff[128] = {0};
char cmd[128] = {0};
snprintf(szaddr, sizeof(szaddr), "tcp://%s:%d", ip, port);
{//加密相关代码
char szmsg[1024] = {0};
//此密钥为服务端产生的公钥
strcpy(szmsg, "p=lDOa9WKUKz!I9{G)uPX4@&CrV-(>tDg:kaSGzE");
zmq_setsockopt(sock, ZMQ_CURVE_SERVERKEY, szmsg, strlen(szmsg));
char szpubkey[64] = {0};
char szprikey[64] = {0};
zmq_curve_keypair(szpubkey, szprikey);
zmq_setsockopt(sock, ZMQ_CURVE_PUBLICKEY, szpubkey, strlen(szpubkey));
zmq_setsockopt(sock, ZMQ_CURVE_SECRETKEY, szprikey, strlen(szprikey));
}
zmq_connect(sock, szaddr);
int count = 0;
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
fd = inotify_init();
if (fd < 0)
{
fprintf(stderr, "inotify_init failed\n");
return NULL;
}
//wd = inotify_add_watch(fd, "/home/czl/test", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//inotify_add_watch(fd, "/home/czl/tengswitch", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
wd = inotify_add_watch(fd, "/tmp/dbasky/root", IN_MODIFY | IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO);
if (wd < 0)
{
fprintf(stderr, "inotify_add_watch %s failed\n", "/tmp/dbasky/root");
return NULL;
}
buf[sizeof(buf) - 1] = 0;
while ((len = read(fd, buf, sizeof(buf) - 1)) > 0)
{
nread = 0;
while (len > 0)
{
event = (struct inotify_event *)&buf[nread];
for (i = 0; i<EVENT_NUM; i++)
{
if ((event->mask >> i) & 1)
{
if (event->len > 0)
{
bzero(szmsg, sizeof(szmsg));
bzero(cmdbuff, sizeof(cmdbuff));
//fprintf(stdout, "%s --- %s\n", event->name, event_str[i]);
stlogmsg.uiType = 5;
stpcpy(stlogmsg.szIp,pcip);
// stpcpy(stfilestate.szPath,"/home/czl/test");
gettimeofday(&stlogmsg.stRcvTime,NULL);
//stpcpy(stlogmsg.szLogFile,event->name);
stpcpy(stlogmsg.szLogFile,"history");
char text[128];
stpcpy(text,event->name);
if (text[0] != '.')
{
// zmq_send(sock, &stfilestate, sizeof(stFileState), 0);
// zmq_recv(sock, szmsg, sizeof(szmsg) - 1, 0);
printf("type is %d\n ip is %s\n filename is %s\n ",stlogmsg.uiType,stlogmsg.szIp,stlogmsg.szLogFile);
sprintf(cmd,"tac /tmp/dbasky/root/%s",event->name);
// printf("cmd in fprintf is %s",cmd);
fnsteam = getshellvalue(cmd);
count = 0;
while(NULL != fgets(cmdbuff,sizeof(cmdbuff),fnsteam))
{
// fgets(cmdbuff,sizeof(cmdbuff),fnsteam);
if (count< 5 )
{
stpcpy(stlogmsg.szMsg[count],cmdbuff);
printf("cmd in struct is %s\n",stlogmsg.szMsg[count]);
}
else
break;
count++;
}
zmq_send(sock, &stlogmsg, sizeof(stLogMsg), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1, ZMQ_DONTWAIT);
printf("return of history cmd is %s\n",szmsg);
}
fclose(fnsteam);
// printf("mestype5 recv is %s\n",szmsg);
}
}
}
nread = nread + sizeof(struct inotify_event) + event->len;
len = len - sizeof(struct inotify_event) - event->len;
}
}
return 0;
}
void *monitorfile(void *arg)
{
int fd,wd,len,nread,i;
char buf[BUFSIZ];
struct inotify_event *event;
stFileState stfilestate;
const char *ip = "10.10.10.201";
char *pcip;
pcip = (char *)arg;
int port = 7002;
void * ctx = zmq_ctx_new();
fb_assert(ctx, "create zmq context faild");
void *sock = zmq_socket(ctx, ZMQ_REQ);
fb_assert(sock, "create zmq socket faild");
char szaddr[128] = {0};
snprintf(szaddr, sizeof(szaddr), "tcp://%s:%d", ip, port);
{//加密相关代码
char szmsg[1024] = {0};
//此密钥为服务端产生的公钥
strcpy(szmsg, "p=lDOa9WKUKz!I9{G)uPX4@&CrV-(>tDg:kaSGzE");
zmq_setsockopt(sock, ZMQ_CURVE_SERVERKEY, szmsg, strlen(szmsg));
char szpubkey[64] = {0};
char szprikey[64] = {0};
zmq_curve_keypair(szpubkey, szprikey);
zmq_setsockopt(sock, ZMQ_CURVE_PUBLICKEY, szpubkey, strlen(szpubkey));
zmq_setsockopt(sock, ZMQ_CURVE_SECRETKEY, szprikey, strlen(szprikey));
}
zmq_connect(sock, szaddr);
int count = 0;
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
fd = inotify_init();
if (fd < 0)
{
fprintf(stderr, "inotify_init failed\n");
return NULL;
}
//wd = inotify_add_watch(fd, "/home/czl/test", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//inotify_add_watch(fd, "/home/czl/tengswitch", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//wd = inotify_add_watch(fd, "/home/czl/test", IN_MODIFY);
wd = inotify_add_watch(fd, "/etc", IN_MODIFY);
inotify_add_watch(fd, "/etc/profile.d", IN_MODIFY);
inotify_add_watch(fd, "/etc/rc.d/init.d", IN_MODIFY);
//inotify_add_watch(fd, "/etc/rc.local", IN_MODIFY);
if (wd < 0)
{
fprintf(stderr, "inotify_add_watch %s failed\n", "/etc");
return NULL;
}
buf[sizeof(buf) - 1] = 0;
while ((len = read(fd, buf, sizeof(buf) - 1)) > 0)
{
nread = 0;
while (len > 0)
{
event = (struct inotify_event *)&buf[nread];
for (i = 0; i<EVENT_NUM; i++)
{
if ((event->mask >> i) & 1)
{
if (event->len > 0)
{
bzero(szmsg, sizeof(szmsg));
//fprintf(stdout, "%s --- %s\n", event->name, event_str[i]);
stfilestate.uiType = 3;
stpcpy(stfilestate.szIp,pcip);
// stpcpy(stfilestate.szPath,"/home/czl/test");
gettimeofday(&stfilestate.stRcvTime,NULL);
stpcpy(stfilestate.szFileName,event->name);
if (stfilestate.szFileName[0] != '.')
{
zmq_send(sock, &stfilestate, sizeof(stFileState), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1, ZMQ_DONTWAIT);
printf("modify event happend\n");
printf("file changed \n type is %d\n ip is %s\n filename is %s\n ",stfilestate.uiType,stfilestate.szIp,stfilestate.szFileName);
}
// printf("mestype5 recv is %s\n",szmsg);
}
}
}
nread = nread + sizeof(struct inotify_event) + event->len;
len = len - sizeof(struct inotify_event) - event->len;
}
}
return 0;
}
void *monitorfilenum(void *arg)
{
int fd,wd,len,nread,i;
char buf[BUFSIZ],num[10];
struct inotify_event *event;
stFileNum stfilenum;
FILE* fp = NULL;
// if (argc < 2)
// {
// fprintf(stderr, "%s path\n", argv[0]);
// return -1;
//}
char *pcip;
pcip = (char *)arg;
const char *ip = "10.10.10.201";
int port = 7002;
void * ctx = zmq_ctx_new();
fb_assert(ctx, "create zmq context faild");
void *sock = zmq_socket(ctx, ZMQ_REQ);
fb_assert(sock, "create zmq socket faild");
char szaddr[128] = {0};
snprintf(szaddr, sizeof(szaddr), "tcp://%s:%d", ip, port);
{//加密相关代码
char szmsg[1024] = {0};
//此密钥为服务端产生的公钥
strcpy(szmsg, "p=lDOa9WKUKz!I9{G)uPX4@&CrV-(>tDg:kaSGzE");
zmq_setsockopt(sock, ZMQ_CURVE_SERVERKEY, szmsg, strlen(szmsg));
char szpubkey[64] = {0};
char szprikey[64] = {0};
zmq_curve_keypair(szpubkey, szprikey);
zmq_setsockopt(sock, ZMQ_CURVE_PUBLICKEY, szpubkey, strlen(szpubkey));
zmq_setsockopt(sock, ZMQ_CURVE_SECRETKEY, szprikey, strlen(szprikey));
}
zmq_connect(sock, szaddr);
int count = 0;
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
fd = inotify_init();
if (fd < 0)
{
fprintf(stderr, "inotify_init failed\n");
return NULL;
}
wd = inotify_add_watch(fd, "/usr/local/sbin", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//inotify_add_watch(fd, "/home/czl/tengswitch", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//wd = inotify_add_watch(fd, "/home/czl/test", IN_MODIFY);
if (wd < 0)
{
fprintf(stderr, "inotify_add_watch %s failed\n", "/usr/local/sbin");
return NULL;
}
buf[sizeof(buf) - 1] = 0;
while ((len = read(fd, buf, sizeof(buf) - 1)) > 0)
{
nread = 0;
while (len > 0)
{
event = (struct inotify_event *)&buf[nread];
for (i = 0; i<EVENT_NUM; i++)
{
if ((event->mask >> i) & 1)
{
if (event->len > 0)
//fprintf(stdout, "%s --- %s\n", event->name, event_str[i]);
{
stpcpy(stfilenum.szFileName,event->name);
if (stfilenum.szFileName[0] != '.')
{
printf("num in test event happened \n");
bzero(szmsg, sizeof(szmsg));
stfilenum.uiType = 4;
stpcpy(stfilenum.szIp,pcip);
stpcpy(stfilenum.szPath,"/usr/local/sbin");
gettimeofday(&stfilenum.stRcvTime,NULL);
// system("ls -l /home/czl/test |grep '^-' |wc -l > /home/czl/tengswitch/filenum.txt");
// a = fopen("/home/czl/tengswitch/filenum.txt","r");
// if(a == NULL)
// {
// printf("<p>open file:filenum.txt error</p>");
// exit(0);
// }
if(NULL==( fp = popen("ls -l /usr/local/sbin |grep '^-' |wc -l ","r")))
{
fprintf(stdout,"execute command failed: ");
return NULL;
}
fscanf(fp,"%s",num);
//printf("filenum charged is %s\n",num);
stfilenum.uiFileNum = atoi(num);
fclose(fp);
printf("type 4 root file num changed\n type is %d\n ip is %s\n path is %s\n filename is %s\n file num is %d\n\n\n\n",stfilenum.uiType,stfilenum.szIp,stfilenum.szPath,stfilenum.szFileName,stfilenum.uiFileNum);
zmq_send(sock, &stfilenum, sizeof(stFileNum), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
printf("tpye num recv is %s\n",szmsg);
}
}
//else
//fprintf(stdout, "%s --- %s\n", " ", event_str[i]);
}
}
nread = nread + sizeof(struct inotify_event) + event->len;
len = len - sizeof(struct inotify_event) - event->len;
}
}
return 0;
}
void *monitorhomenum(void *arg)
{
int fd,wd,len,nread,i;
char buf[BUFSIZ],num[10];
struct inotify_event *event;
stFileNum stfilenum;
FILE* fp = NULL;
// if (argc < 2)
// {
// fprintf(stderr, "%s path\n", argv[0]);
// return -1;
//}
char *pcip;
pcip = (char *)arg;
const char *ip = "10.10.10.201";
int port = 7002;
void * ctx = zmq_ctx_new();
fb_assert(ctx, "create zmq context faild");
void *sock = zmq_socket(ctx, ZMQ_REQ);
fb_assert(sock, "create zmq socket faild");
char szaddr[128] = {0};
snprintf(szaddr, sizeof(szaddr), "tcp://%s:%d", ip, port);
{//加密相关代码
char szmsg[1024] = {0};
//此密钥为服务端产生的公钥
strcpy(szmsg, "p=lDOa9WKUKz!I9{G)uPX4@&CrV-(>tDg:kaSGzE");
zmq_setsockopt(sock, ZMQ_CURVE_SERVERKEY, szmsg, strlen(szmsg));
char szpubkey[64] = {0};
char szprikey[64] = {0};
zmq_curve_keypair(szpubkey, szprikey);
zmq_setsockopt(sock, ZMQ_CURVE_PUBLICKEY, szpubkey, strlen(szpubkey));
zmq_setsockopt(sock, ZMQ_CURVE_SECRETKEY, szprikey, strlen(szprikey));
}
zmq_connect(sock, szaddr);
int count = 0;
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
fd = inotify_init();
if (fd < 0)
{
fprintf(stderr, "inotify_init failed\n");
return NULL;
}
wd = inotify_add_watch(fd, "/home", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//inotify_add_watch(fd, "/home/czl/tengswitch", IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO );
//wd = inotify_add_watch(fd, "/home/czl/test", IN_MODIFY);
if (wd < 0)
{
fprintf(stderr, "inotify_add_watch %s failed\n", "/home");
return NULL;
}
buf[sizeof(buf) - 1] = 0;
while ((len = read(fd, buf, sizeof(buf) - 1)) > 0)
{
nread = 0;
while (len > 0)
{
event = (struct inotify_event *)&buf[nread];
for (i = 0; i<EVENT_NUM; i++)
{
if ((event->mask >> i) & 1)
{
if (event->len > 0)
//fprintf(stdout, "%s --- %s\n", event->name, event_str[i]);
{
stpcpy(stfilenum.szFileName,event->name);
// system("ls -l /home/czl/test |grep '^-' |wc -l > /home/czl/tengswitch/filenum.txt");
// a = fopen("/home/czl/tengswitch/filenum.txt","r");
// if(a == NULL)
// {
// printf("<p>open file:filenum.txt error</p>");
// exit(0);
// }
if (stfilenum.szFileName[0] != '.')
{
printf("num in home event happened \n");
bzero(szmsg, sizeof(szmsg));
stfilenum.uiType = 4;
stpcpy(stfilenum.szIp,pcip);
stpcpy(stfilenum.szPath,"/home");
gettimeofday(&stfilenum.stRcvTime,NULL);
if(NULL==( fp = popen("ls -l /home |grep '^-' |wc -l ","r")))
{
fprintf(stdout,"execute command failed: ");
return NULL;
}
fscanf(fp,"%s",num);
//printf("filenum charged is %s\n",num);
stfilenum.uiFileNum = atoi(num);
fclose(fp);
printf("type 4 home file num changed\n type is %d\n ip is %s\n path is %s\n filename is %s\n file num is %d\n\n\n\n",stfilenum.uiType,stfilenum.szIp,stfilenum.szPath,stfilenum.szFileName,stfilenum.uiFileNum);
zmq_send(sock, &stfilenum, sizeof(stFileNum), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
printf("tpye num recv is %s\n",szmsg);
}
}
//else
//fprintf(stdout, "%s --- %s\n", " ", event_str[i]);
}
}
nread = nread + sizeof(struct inotify_event) + event->len;
len = len - sizeof(struct inotify_event) - event->len;
}
}
return 0;
}
int reportpathnum()
{
FILE *fd = NULL,*fp = NULL;
char path[1024]="\0",b[10][128],i=0,j,num[128],cmd[128] = "\0";
unsigned int filenum = 0,allnum = 0,pathnum = 0;
if(NULL==(fd = popen("echo $PATH","r")))
{
fprintf(stdout,"execute command failed: ");
return 0;
}
if (NULL == fgets(path,sizeof(path),fd))
return 0;
fclose(fd);
printf("date in path is %s\n",path);
pathnum = strlen(path);
path[pathnum-1] = '\0';
char* token = strtok(path,":");
while(token != NULL)
{
strcpy(b[i++],token);
token = strtok(NULL,":");
if( i == 9 )
break;
}
for(j=0;j<i;j++)
{
fp = NULL;
strcpy(cmd,"\0");
strcpy(num,"\0");
sprintf(cmd,"ls -lR %s | grep ^- | wc -l",b[j]);
// printf("cmd is %s \n",cmd);
fp = getshellvalue(cmd);
if (fp == NULL)
continue;
fscanf(fp,"%s",num);
filenum = atoi(num);
allnum += filenum;
fclose(fp);
}
// printf("all file num is %d\n",allnum);
//fclose(fp);
return allnum;
}
int main()
{
char task_name[50]= {0};
char cmanager[50]= {0};
char manprocess[50]= {0};
char md5passwd[128] = {0};
char md5group[128] = {0};
uint err,err1,err2,err3,tcpnum,pronum,firestate0 = 0,firestate1 = 0,manpstate0 = 0,manpstate1 = 0,cmstate0 = 0,cmstate1 = 0,cpumemstate0 = 0,cpumemstate1 = 0;
char ip[32] = "10.10.10.201";
char pcip[32] = "\0";
int port = 7002,lastpathnum = 0,newpathnum = 0,iplen = 0,tasklen = 0,cmlen = 0,manlen = 0;
pid_t pid = 0 ,cmpid = 0,manpropid = 0;
FILE *fp = NULL;
fp = fopen ("/etc/nos_monitor_conf.ini", "r");
if(fp == NULL)
{
printf("<p>open file: /etc/nos_monitor_conf.ini error</p>");
return 0;
}
// fscanf(fp,"%s %s %s %s",pcip,task_name,cmanager,manprocess);
fgets(pcip, sizeof(pcip), fp);
// while(1)
// {
// printf("\n length of pcip is %d \n",strlen(pcip));
iplen = strlen(pcip);
pcip[iplen-1]='\0';
// printf("\n ip get is %s \n",pcip);
// sleep(1);
// }
fgets(task_name, sizeof(task_name), fp);
tasklen = strlen(task_name);
//printf("\n tasklen get is %d \n",tasklen);
task_name[tasklen-1]='\0';
// printf("\n task_name get is %s \n",task_name);
fgets(cmanager, sizeof(cmanager), fp);
cmlen = strlen(cmanager);
// printf("\n cmlen get is %d \n",cmlen);
cmanager[cmlen-1]='\0';
//printf("\n cmanager get is %s \n",cmanager);
fgets(manprocess, sizeof(manprocess), fp);
manlen = strlen(manprocess);
// printf("\n manlen get is %d \n",manlen);
manprocess[manlen-1] = '\0';
// printf("\n manprocess get is %s \n",manprocess);
fclose(fp);
pthread_t history_cmd,filecharge,filenumcharge,homenumcharge;
Msgreport mesgreport;
stProcessState processstate;
stFileNum pathreport;
stLogMsg syslogreport,commendlog;
//syslogreport = (stLogMsg*)malloc(sizeof(stLogMsg)+1);
memset(&syslogreport,0, sizeof(stLogMsg));
void * ctx = zmq_ctx_new();
fb_assert(ctx, "create zmq context faild");
void *sock = zmq_socket(ctx, ZMQ_REQ);
fb_assert(sock, "create zmq socket faild");
char szaddr[128] = "\0";
snprintf(szaddr, sizeof(szaddr), "tcp://%s:%d", ip, port);
{//加密相关代码
char szmsg[1024] = {0};
//此密钥为服务端产生的公钥
strcpy(szmsg, "p=lDOa9WKUKz!I9{G)uPX4@&CrV-(>tDg:kaSGzE");
zmq_setsockopt(sock, ZMQ_CURVE_SERVERKEY, szmsg, strlen(szmsg));
char szpubkey[64] = {0};
char szprikey[64] = {0};
zmq_curve_keypair(szpubkey, szprikey);
zmq_setsockopt(sock, ZMQ_CURVE_PUBLICKEY, szpubkey, strlen(szpubkey));
zmq_setsockopt(sock, ZMQ_CURVE_SECRETKEY, szprikey, strlen(szprikey));
}
zmq_connect(sock, szaddr);
int count = 0;
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
// getchar();
// sleep(1);
err = pthread_create(&history_cmd, NULL, get_historycmd, (void *)&pcip);
//printf("have come here");
err1 = pthread_create(&filecharge, NULL, monitorfile, (void *)&pcip);
err2 = pthread_create(&filenumcharge, NULL, monitorfilenum, (void *)&pcip);
err3 = pthread_create(&homenumcharge, NULL, monitorhomenum, (void *)&pcip);
int memory_have = 0;
CPU_OCCUPY cpu_stst1;
CPU_OCCUPY cpu_stst2;
int cpu;
while(1)
{
char szmsg[1024] = {0};
bzero(szmsg, sizeof(szmsg));
// snprintf(szmsg, sizeof(szmsg), "I say %d", ++count);
// fb_debug("send msg : [%s]", szmsg);
// zmq_send(sock, szmsg, strlen(szmsg), 0);
// zmq_recv(sock, szmsg, sizeof(szmsg) - 1, 0);
// fb_debug("recv msg : [%s]", szmsg);
get_cpuoccupy((CPU_OCCUPY *)&cpu_stst1);
sleep(1);
get_cpuoccupy((CPU_OCCUPY *)&cpu_stst2);
cpu = cal_cpuoccupy((CPU_OCCUPY *)&cpu_stst1,(CPU_OCCUPY *)&cpu_stst2);
memory_have = 100*get_memoccupy();
// printf("1cpu usage:%.2f\%\n mem usage:%.2f\%\n",cpu,memory_have);
mesgreport.uiType = 1;
mesgreport.uiCpuRate = 100*cpu;
mesgreport.uiMemRate = memory_have;
stpcpy(mesgreport.szip,pcip);
//printf("2cpu usage:%.2f\%\n mem usage:%.2f\%\n",mesgreport.uiCpuRate,mesgreport.uiMemRate);
//printf("szip is:%s\n",mesgreport.szip);
mesgreport.uiCronNum = uiCronNum();
tcpnum = processnum_tcp();
//tcpnum = 10;
pronum = processnum();
mesgreport.uiTcpEstablishNum = tcpnum;
mesgreport.uiRunningProcessNum = pronum;
//printf("tcp and process is %d and %d\n",tcpnum,pronum);
// judgecommend();
// judgelogin();
get_md5passwd(md5passwd);
//printf("test PasswdMd5 is %s\n",md5passwd);
// strcpy(mesgreport.szPasswdMd5,md5passwd);
memcpy(mesgreport.szPasswdMd5,md5passwd,strlen(md5passwd));
//md5group = get_md5group();
get_md5group(md5group);
memcpy(mesgreport.szGroupMd5,md5group,strlen(md5group));
gettimeofday(&mesgreport.stRcvTime,NULL);
zmq_send(sock, &mesgreport, sizeof(mesgreport), 0);
// printf("have send success \n");
zmq_recv(sock, szmsg, sizeof(szmsg) - 1, ZMQ_DONTWAIT);
// printf("have recv success \n");
// printf("mestype1 recv is %s\n",szmsg);
// printf("Type1 send ip is %s\n passmd5 is %s\n groupmd5 is %s\n cpurate is %d\n memrate is %d\n\n\n\n",mesgreport.szip,mesgreport.szPasswdMd5,mesgreport.szGroupMd5,mesgreport.uiCpuRate,mesgreport.uiMemRate);
pid = 0 ;
getPidByName(&pid, task_name);
//printf("pid of monitsys is %d",pid);
if (pid > 0)
cpumemstate1 = 1;
else
{
bzero(szmsg, sizeof(szmsg));
processstate.uiType = 2;
stpcpy(processstate.szIp,pcip);
gettimeofday(&processstate.stRcvTime,NULL);
stpcpy(processstate.uiProcessname,task_name);
processstate.uiProcessState = 0;
zmq_send(sock, &processstate, sizeof(processstate), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
printf("type 2 send ip is %s\n Type is %d\n processname is %s\n processstate is %d\n\n\n\n",processstate.szIp,processstate.uiType,processstate.uiProcessname,processstate.uiProcessState);
sleep(1);
}
cmpid = 0;
getPidByName(&cmpid, cmanager);
printf("pid of top is %d\n\n",cmpid);
if (cmpid > 0)
cmstate1 = 1;
else{
bzero(szmsg, sizeof(szmsg));
processstate.uiType = 2;
stpcpy(processstate.szIp,pcip);
gettimeofday(&processstate.stRcvTime,NULL);
stpcpy(processstate.uiProcessname,cmanager);
processstate.uiProcessState = 0;
zmq_send(sock, &processstate, sizeof(processstate), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
// printf("mestype2 recv is %s\n",szmsg);
printf("type 2 send ip is %s\n Type is %d\n processname is %s\n processstate is %d\n\n\n",processstate.szIp,processstate.uiType,processstate.uiProcessname,processstate.uiProcessState);
sleep(1);
}
manpropid = 0;
getPidByName(&manpropid, manprocess);
if (manpropid > 0)
manpstate1 = 1;
else
{
bzero(szmsg, sizeof(szmsg));
processstate.uiType = 2;
stpcpy(processstate.szIp,pcip);
gettimeofday(&processstate.stRcvTime,NULL);
stpcpy(processstate.uiProcessname,manprocess);
processstate.uiProcessState = 0;
zmq_send(sock, &processstate, sizeof(processstate),0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1, ZMQ_DONTWAIT);
printf("type 2 send ip is %s\n Type is %d\n processname is %s\n processstate is %d\n\n\n",processstate.szIp,processstate.uiType,processstate.uiProcessname,processstate.uiProcessState);
sleep(1);
}
firestate1 = firewallcharge();
if (firestate1 == 1)
{
bzero(szmsg, sizeof(szmsg));
processstate.uiType = 2;
stpcpy(processstate.szIp,pcip);
gettimeofday(&processstate.stRcvTime,NULL);
stpcpy(processstate.uiProcessname,"firewall");
processstate.uiProcessState = 0;
zmq_send(sock, &processstate, sizeof(processstate), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
printf("type 2 send ip is %s\n Type is %d\n processname is %s\n processstate is %d\n\n\n",processstate.szIp,processstate.uiType,processstate.uiProcessname,processstate.uiProcessState);
sleep(1);
}
newloginnum = judgeiflogin();
// printf("newloginnum is %d\n",newloginnum);
if (newloginnum != lastloginnum)
{
bzero(szmsg, sizeof(szmsg));
syslogreport = judgelogin(pcip);
// printf("log before send struct is %s \n",&commendlog.szMsg[0]);
zmq_send(sock, &syslogreport, sizeof(stLogMsg), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
// printf("mestype5 recv is %s\n",szmsg);
lastloginnum = newloginnum;
// printf("msg login type is %d\nip is %s\nfilename is %s\n ",syslogreport.uiType,syslogreport.szIp,syslogreport.szLogFile);
// printf("szMsg0 is %s\n",syslogreport.szMsg[0]);
// printf("szMsg1 is %s\n",syslogreport.szMsg[1]);
// printf("szMsg2 is %s\n",syslogreport.szMsg[2]);
// printf("szMsg3 is %s\n",syslogreport.szMsg[3]);
// printf("szMsg4 is %s\n",syslogreport.szMsg[4]);
}
newpathnum = reportpathnum();
if (newpathnum != lastpathnum)
{
bzero(szmsg, sizeof(szmsg));
pathreport.uiType = 4;
stpcpy(pathreport.szIp,pcip);
stpcpy(pathreport.szPath,"path");
gettimeofday(&pathreport.stRcvTime,NULL);
pathreport.uiFileNum = newpathnum;
zmq_send(sock, &pathreport, sizeof(pathreport), 0);
zmq_recv(sock, szmsg, sizeof(szmsg) - 1,ZMQ_DONTWAIT);
lastpathnum = newpathnum;
printf("\n\npath receive is %s\n\n",szmsg);
}
}
zmq_close(sock);
zmq_ctx_term(ctx);
zmq_ctx_destroy(ctx);
return 0;
}